Your privacy is important to us
This statement outlines Empowered Collective’s (Empowered Collective Australia Pty Ltd ABN 49 654 368 233) policy on how we use and manage personal information provided to or collected by it.
Empowered Collective is bound by the Australian Privacy Principles contained in the Commonwealth Privacy Act and is compliant with the Privacy Amendment (Enhancing Privacy Protection) Act 2012.
Empowered Collective may, from time to time, review and update this Privacy Policy to take account of new laws and technology, changes to its operations and practices and to make sure it remains appropriate to the changing legal environment.
This privacy policy assumes that you are resident in Australia. If you are resident in the UK or Europe, please contact us for more information regarding how we treat your personal information.
What kind of personal information does Empowered Collective collect and how does the organisation collect it?
The type of information that Empowered Collective collects and holds includes (but is not limited to) personal information, including sensitive information, about:
Personal Information you provide:
Empowered Collective will generally collect personal information held about an individual by way of phone calls, emails, forms and meetings. You do have the right to seek to deal with us anonymously or using a pseudonym, but in almost every circumstance it will not be practicable for us to deal with you or provide any services to you except for the most general responses to general enquiries, unless you identify yourself.
Personal Information provided by other people
In some circumstances Empowered Collective may be provided with personal information about an individual from a third party, for example the ACT Government’s Office for Women, SPARK Ginninderry Training & Employment Program, or UnitingCare Kippax.
In relation to employee records
Under the Privacy Act, the Australian Privacy Principles do not apply to an employee record. As a result, this Privacy Policy does not apply to Empowered Collective’s treatment of an employee record, where the treatment is directly related to a current or former employment relationship between Empowered Collective and employee. However, Empowered Collective must provide access and ensure compliance with the Health Privacy Principles under the Victorian Health Records Act 2001.
How will Empowered Collective use the personal information you provide?
Empowered Collective will use the personal information it collects from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, or to which you have consented.
In relation to direct marketing, Empowered Collective will use your personal information for direct marketing where you have provided that information, and you are likely to expect direct marketing: only then you will be sent direct marketing containing an opt out. If we use your personal information obtained from elsewhere we will still send you direct marketing information where you have consented and which will also contain an opt out. We will always obtain your consent to use sensitive information as the basis for any of our direct marketing.
Job applicants, staff members and contractors
In relation to personal information of job applicants, staff members and contractors, Empowered Collective’s primary purpose of collection is to assess and (if successful) to engage the applicant, staff member or contractor, as the case may be.
The purposes for which Empowered Collective uses personal information of job applicants, staff members and contractors include:
Where Empowered Collective receives unsolicited job applications these will usually be dealt with in accordance with the unsolicited personal information requirements of the Privacy Act.
Volunteers
Empowered Collective also obtains personal information about volunteers who assist the organisation in its functions or conduct associated activities, such as to enable the organisation and the volunteers to work together.
Who might Empowered Collective disclose personal information to?
Empowered Collective may disclose personal information, including sensitive information, held about an individual to:
Sending information overseas
Empowered Collective will not send personal information about an individual outside Australia without:
We do not use overseas providers of IT services including servers and cloud services.
How does Empowered Collective treat sensitive information?
In referring to ‘sensitive information’, Empowered Collective means:
“information relating to a person’s racial ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual orientation or criminal record, that is also personal information; and health information about an individual”.
Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless you agree otherwise, or the use or disclosure of the sensitive information is allowed by law.
Management and security of personal information
Empowered Collective’s staff are required to respect the confidentiality of personal information and the privacy of individuals.
Empowered Collective has in place steps to protect the personal information that it holds from misuse, loss, unauthorised access, modification, interference or disclosure by use of various methods including locked storage of paper records and passworded access rights to computerised records.
We have a data breach response plan, which we would follow in the unlikely event of a privacy or data breach.
When you use our website, having your cookies enabled will allow us to maintain the continuity of your browsing session and remember your details when you return. We may also use web beacons, Flash local stored objects and JavaScript. If you adjust your browser settings to block, reject or delete these functions, the webpage may not function in an optimal manner. We may also collect information about your IP address, although this may not identify you.
Updating personal information
Empowered Collective endeavours to ensure that the personal information it holds is accurate, complete and up-to-date. A person may seek to update their personal information held by us by contacting the Manager of Empowered Collective at any time.
The Australian Privacy Principles and the Health Privacy Principles require Empowered Collective not to store personal information longer than necessary. In particular, the Health Privacy Principles impose certain obligations about the length of time health records must be stored.
You have the right to check what personal information Empowered Collective holds about you.
Under the Commonwealth Privacy Act and the Health Records Act, an individual has the right to obtain access to any personal information which Empowered Collective holds about them and to advise us of any perceived inaccuracy. There are some exceptions to this right set out in the applicable legislation. To make a request to access any information Empowered Collective holds about you, please contact the Manager in writing.
Empowered Collective may require you to verify your identity and specify what information you require. Although no fee will be charged for accessing your personal information or making a correction, Empowered Collective may charge a fee to retrieve and copy any material. If the information sought is extensive, Empowered Collective will advise the likely cost in advance.
How long will Empowered Collective keep my information?
Under our destruction and de-identification policies, your personal information that is no longer required will be de-identified or destroyed. In many circumstances, however it will be kept for marketing purposes, as you will have consented to that in writing with us.
Enquiries and privacy complaints
If you would like further information about the way Empowered Collective manages the personal information it holds, please contact the Manager. If you have any concerns, complaints or you think there has been a breach of privacy, then also please contact the Manager who will first deal with you, usually over the phone. If we then have not dealt satisfactorily with your concerns, we will meet with you to discuss further. If you are not satisfied with our response to your complaint within 30 days from this meeting, then you can refer your complaint to the Office of the Australian Information Commissioner via: email enquiries@oaic.gov.au, telephone 1300 363 992, or fax +61 2 9284 9666.